Pension Funds Insider

Pension Funds Insider brings the latest pensions news and industry insights; from investment and governance updates to new mandate appointments and pensions regulatory information.

Latest news DC and Auto Enrolment Governance Investment Legal and Regulatory Mandates News and Research Opinions Risk Management Trusteeship

Is your scheme ready for digital transformation?

Friday, July 24, 2015

Image for Is your scheme ready for digital transformation?

Veratta's Monica Cope urges the pensions industry to mitigate the risk of cyber crime

Emerging technologies in the pensions industry are facilitating more efficient pension scheme management at a lower price point. Opportunities for enhanced consulting are exploding, but is your scheme ready for a digital transformation?

The modern day trustee is embracing technology and enjoying the benefits of scheme information at their fingertips. With real-time applications providing daily valuations, based on live member data, trustees have never been so empowered.

However, as we undergo a seismic shift in pension scheme management to online, web-based applications, and a fundamental change in culture, it's vital that trustees and their trusted advisers fully evaluate the business functionality of their technology platforms, alongside the information security gaps in their processes, systems and people.

Trustees will need the confidence that the underlying data for their scheme is being held securely and that adequate controls are in place to protect its confidentiality. As cyber-attacks continue at an exponential rate, becoming increasingly sophisticated, discrete and destructive, trustees are compelled to understand the level of cyber security in place to reduce the risk to sensitive member information.

Trustees should expect to see evidence that cyber security measures are in place and that they work – systems and networks should have appropriate controls in place and they should be regularly tested to gauge and improve security posture.

Penetration testing exposes weaknesses, hopefully before the criminals find them!

As we increase our dependence on technology, it is important to recognise the ongoing requirement to address data quality. Data standards and good record keeping are even more important than ever, and the true benefits of modern technological advances can only be realised if the underlying data is as accurate as possible.

Failure to hold inaccurate records will impact the scheme in many ways: inaccurate valuations, impacting demands on sponsoring employers; large numbers of queries when schemes carry out contracting-out reconciliation exercises as contracting-out ceases in 2016; scheme wind ups cannot be completed without complete and accurate data; high premiums incurred during de-risking exercises.

And finally then there's the weakest link – the human factor. Every individual handling or processing sensitive pension scheme information is a potential vulnerability to an information security management framework, whether accidental or deliberate.

So how can the industry ensure individual engagement to preserve the confidentiality, integrity and availability of information?

Trustees and their advisers should be seeking to identify risks related to cyber security and develop appropriate cyber security policies to mitigate those risks. Training and awareness on cyber security is absolutely essential to turn weak links into our greatest strengths.

Written by Monica Cope, COO, Veratta